Ebrahim Byagowi
c85f624b51
Force blob generation and memory check in hb-subset-fuzzer
2019-07-10 23:38:07 +04:30
Michiharu Ariza
8341c0b304
add test case file
2019-06-27 08:43:31 -07:00
Michiharu Ariza
90872a29ee
change assert(false) to failure
2019-06-11 12:42:28 -07:00
Michiharu Ariza
65e66a2d37
added test data
2019-06-03 16:31:41 -07:00
Bruce Mitchener
5846884f86
test: Use nullptr in C++ code. ( #1744 )
2019-06-03 12:30:25 +04:30
Qunxin Liu
e1a5ce6aa6
Fix fuzzer crash testcase
...
Add a check for stringOffSet(uint16) overflow,
return early if overflow happens
2019-05-24 15:26:20 -04:00
Garret Rieger
0ff3618c2d
[subset] Use hb_subset_input_t inside of subset_options_t so that input defaults are shared between the library and cli.
2019-05-20 13:35:46 -07:00
Behdad Esfahbod
9ef241cd40
[test] Add one more
2019-05-20 11:38:02 -04:00
Behdad Esfahbod
3efb7af7e2
[STAT] Fix sanitize condition
...
Oops!
Fixes https://oss-fuzz.com/testcase-detail/5696825891225600
2019-05-20 11:37:16 -04:00
Ebrahim Byagowi
30c059a978
[test] minor, fix -Weverything bot
2019-05-11 18:48:41 -04:00
Ebrahim Byagowi
25531a3039
[test] minor
...
style fix and add return statement
2019-05-11 19:50:42 +00:00
Behdad Esfahbod
25a5b287f2
Fix sanitize fail of extension sublookups
...
Fixes https://bugs.chromium.org/p/chromium/issues/detail?id=960331
2019-05-10 16:03:20 -07:00
Ebrahim Byagowi
df237d2fe7
[test] Add https://crbug.com/oss-fuzz/14641 testcase
...
As 503748d
fix
2019-05-08 14:17:14 -07:00
Ebrahim Byagowi
6d6edc8b25
[valgrind] Use libtool and support run-subset-fuzzer-tests ( #1668 )
2019-04-28 11:54:07 -07:00
Ebrahim Byagowi
62c6e17072
[test] Add crbug.com/oss-fuzz/14474 testcase
...
Fixed at 6977a95f
2019-04-28 10:55:07 -07:00
Michiharu Ariza
ba0386060d
fix oss-fuzz issue 14345
2019-04-18 18:18:05 -04:00
Behdad Esfahbod
b7384c89e2
[fuzzing] Run valgrind with --leak-check=full
2019-04-15 16:53:10 -04:00
Behdad Esfahbod
3ff66c0029
[fuzzing] Fail if valgrind is requested but not found
2019-04-15 16:52:21 -04:00
Behdad Esfahbod
ec2a5dc859
Use class templates for Null objects
...
This allows partial-instantiating custom Null object for template Lookup<T>.
Before, this had to be handcoded per instantiation. Apparently I missed
adding one for AAT::ankr.lookupTable, so it was getting the wrong (generic)
null for Lookup object, which is wrong and unsafe.
Fixes https://bugs.chromium.org/p/chromium/issues/detail?id=944346
2019-03-26 16:23:40 -07:00
Michiharu Ariza
bcb4e505d6
cff2 subset fuzzer issues ( #1619 )
...
* add check to FDArray::serialize
* add test files
* fix off by one
2019-03-15 13:46:25 -07:00
Garret Rieger
dc04261a5b
[subset] Update the subset fuzzer to determine which options to use based on data in the fuzzing test case.
...
Add support for toggling retain_gids.
2019-01-30 15:23:19 -08:00
Behdad Esfahbod
6879efc2c1
[AAT] Fix anchor bound checking, again
...
Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12532
Fixes https://bugs.chromium.org/p/chromium/issues/detail?id=922303
2019-01-17 14:08:02 -05:00
Behdad Esfahbod
91d774712f
[test] Add test for previous commit
2019-01-14 15:31:31 -05:00
Behdad Esfahbod
7a6686a589
[AAT] Fix mort ContextualSubtable offset access
...
Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12312
2019-01-14 15:09:14 -05:00
Behdad Esfahbod
a3fa7d3336
[AAT] Fix ankr table access
...
Fixes https://bugs.chromium.org/p/chromium/issues/detail?id=918340
2019-01-14 14:37:36 -05:00
Michiharu Ariza
798e98c47b
[CFF] bad offset in Index ( #1476 )
...
* Update hb-ot-cff-common.hh
* fix bug
* bummer fix wasn't hit. refix
* additional sanity check
* Added test cases for oss-fuzz issues 11805, 11806
2018-12-12 21:08:15 -05:00
Michiharu Ariza
bcb4ecaf68
[CFF] check out of range FD index ( #1477 )
...
* add fd index checks to subr subsetter
also added oss-fuzz test case
* undid SubrSubsetParam::is_valid
because already validated by SubrClosures.valid
2018-12-12 20:36:01 -05:00
Michiharu Ariza
2941208f1e
[CFF] oss-fuzz issue 11690 ASSERT: substr.offset >= opStart ( #1461 )
...
* fix oss-fuzz 11690: substr.offset >= opStart
detect recursive subroutine call & handle as error
* fix build failure
* add minimized test case for oss-fuzz 11690
* removed asserts
2018-12-11 15:21:24 -05:00
Michiharu Ariza
ae087d10c2
add minimized test case for oss-fuzz issue 11714
2018-12-05 21:47:34 -08:00
Ebrahim Byagowi
f95324a335
Merge pull request #1457 from harfbuzz/cff-varstore-sanitize
...
[CFF] oss-fuzz issue 11713 (CFF2VariationStore::serialize)
2018-12-06 08:33:44 +03:30
Michiharu Ariza
9d8f3b0dfb
add minimized test case for oss-fuzz issue 11713
2018-12-05 17:14:51 -08:00
Michiharu Ariza
34e3ef8ff3
Merge branch 'master' into cff-subr-sanitize
2018-12-05 15:50:05 -08:00
Michiharu Ariza
72d8f76368
add minimized test case for oss-fuzz issue 11691
2018-12-05 15:49:11 -08:00
Behdad Esfahbod
d9dabc00e9
Merge pull request #1454 from harfbuzz/cff-fixbcd
...
[CFF] fix oss-fuzz issue 11674: parse_bcd
2018-12-05 15:39:34 -08:00
Michiharu Ariza
6708c5595f
fix oss-fuzz issue 11675 (ASSERT: count <= str.len)
...
Also added an additional error check to avail ()
2018-12-05 12:51:18 -08:00
Michiharu Ariza
010e2ddb38
minimized test case for oss-fuzz issue 11674
2018-12-05 12:23:58 -08:00
Ebrahim Byagowi
79e7e3445e
Merge pull request #1449 from harfbuzz/cff-fixcharset
...
[CFF] fix for oss-fuzz 11657: Charset overrun
2018-12-05 13:25:18 +03:30
Ebrahim Byagowi
cf4b7db6b1
Merge pull request #1448 from harfbuzz/cff-leak
...
[CFF] fix leak: oss-fuzz 11662
2018-12-05 13:23:23 +03:30
Michiharu Ariza
32cc46c75a
[CFF] fix oss-fuzz issue 11670: NULL dereference ( #1450 )
...
* guard against no subr access
* code tweak
* add minimized testcase for oss-fuzz 11670 (Null deference)
2018-12-05 09:02:34 +03:30
Michiharu Ariza
78f639b8bf
added minimized testcase for oss-fuzz issue 11657
2018-12-04 14:17:03 -08:00
Michiharu Ariza
b61f74f69a
added minimized test case for oss-fuzz issue 11662
2018-12-04 10:30:35 -08:00
Michiharu Ariza
9424e80526
added minimized test cases
2018-12-03 16:18:10 -08:00
Behdad Esfahbod
84efe0438e
[aat] Fix division sign fallout
...
Happened after 11d2f49af8
since now nClasses is unsigned int...
2018-12-02 12:39:14 -05:00
Behdad Esfahbod
1204a247a5
[fuzzing] Add tests for previous commit
...
Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=11526
Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=11522
2018-11-24 09:49:21 -05:00
Behdad Esfahbod
2c8188bf59
[kerx] Make sure subtables are non-zero-length
...
Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=11400
2018-11-22 22:02:19 -05:00
Garret Rieger
8982830d3e
[subset] add fuzzer testcase.
2018-11-22 21:30:01 -05:00
Behdad Esfahbod
5212cd8af2
[fuzzing] Add new test
2018-11-12 14:25:18 -05:00
Behdad Esfahbod
d6666b3866
[fuzzing] Remove limited-edition build of libraries
...
Use normal, production, shared libraries.
Fixes https://github.com/harfbuzz/harfbuzz/issues/1237
2018-11-12 13:21:14 -05:00
Behdad Esfahbod
a549aa14a0
[kerx] Protect against stack underflow
...
Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=11367
2018-11-12 13:02:39 -05:00
Behdad Esfahbod
752bd8a192
[kerx] Fix Format1 tupleKern sanitization
...
Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=11312
Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=11305
2018-11-10 21:13:32 -05:00